Maulik Patel58595d32023-06-22 10:08:53 +01001/*
Maulik Patel16e03262024-01-05 14:40:52 +00002 * Copyright (c) 2023-2024, Arm Limited. All rights reserved.
Maulik Patel58595d32023-06-22 10:08:53 +01003 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
8#include "dpe_crypto_interface.h"
Maulik Patel2358bbb2023-07-21 10:56:56 +01009#include <assert.h>
Maulik Patel58595d32023-06-22 10:08:53 +010010#include <stdbool.h>
11#include <string.h>
12#include "dpe_context_mngr.h"
13#include "dpe_crypto_config.h"
14#include "psa/crypto.h"
15#include "tfm_crypto_defs.h"
16
17static const char attest_cdi_label[] = DPE_ATTEST_CDI_LABEL;
Maulik Patel9fd8bd22023-10-30 10:58:30 +000018static const char exported_attest_cdi_label[] = DPE_ATTEST_EXPORTED_CDI_LABEL;
Maulik Patel4fed7812023-12-08 09:55:22 +000019static const char default_attest_key_deriv_label[] = DPE_ATTEST_KEY_PAIR_LABEL;
Maulik Patel2358bbb2023-07-21 10:56:56 +010020static const char id_label[] = DPE_ID_LABEL;
Maulik Patel58595d32023-06-22 10:08:53 +010021static const uint8_t attest_key_salt[] = DPE_ATTEST_KEY_SALT;
Maulik Patel2358bbb2023-07-21 10:56:56 +010022static const uint8_t id_salt[] = DPE_ID_SALT;
Maulik Patel58595d32023-06-22 10:08:53 +010023
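/*
 * Derive a new key from base_key with HKDF-SHA256 and store its id in
 * *out_key_id.
 *
 * base_key       Key used as the HKDF secret input.
 * key_attr       Attributes (type, bits, algorithm, usage) of the key to create.
 * key_label      HKDF info input, key_label_len bytes; must be non-empty.
 * salt           HKDF salt input, salt_len bytes; must be non-empty.
 * out_key_id     In: the id of a previously derived key, or PSA_KEY_ID_NULL.
 *                Any key referenced here is destroyed before deriving.
 *                Out: the new key id on success, PSA_KEY_ID_NULL on failure.
 *
 * Returns PSA_SUCCESS or the first PSA error encountered. On failure the
 * derivation operation has been aborted and no key is left for the caller.
 */
static psa_status_t perform_derivation(psa_key_id_t base_key,
                                       const psa_key_attributes_t *key_attr,
                                       const uint8_t *key_label,
                                       size_t key_label_len,
                                       const uint8_t *salt,
                                       size_t salt_len,
                                       psa_key_id_t *out_key_id)
{
    psa_status_t status;
    psa_key_derivation_operation_t op = PSA_KEY_DERIVATION_OPERATION_INIT;

    assert((key_label_len != 0) && (key_label != NULL) &&
           (base_key != 0) && (key_attr != NULL) &&
           (salt_len != 0) && (salt != NULL));

    if (*out_key_id != PSA_KEY_ID_NULL) {
        /* Remove any previously derived key. Clear the id as well, so that
         * a failure below cannot leave the caller holding a handle to a key
         * that no longer exists (and whose id the implementation may reuse
         * for a different key). */
        (void)psa_destroy_key(*out_key_id);
        *out_key_id = PSA_KEY_ID_NULL;
    }

    status = psa_key_derivation_setup(&op, PSA_ALG_HKDF(PSA_ALG_SHA_256));
    if (status != PSA_SUCCESS) {
        return status;
    }

    status = psa_key_derivation_input_bytes(&op, PSA_KEY_DERIVATION_INPUT_SALT,
                                            salt, salt_len);
    if (status != PSA_SUCCESS) {
        goto err_abort;
    }

    status = psa_key_derivation_input_key(&op, PSA_KEY_DERIVATION_INPUT_SECRET,
                                          base_key);
    if (status != PSA_SUCCESS) {
        goto err_abort;
    }

    /* The label is the HKDF info input; it domain-separates the derived keys */
    status = psa_key_derivation_input_bytes(&op, PSA_KEY_DERIVATION_INPUT_INFO,
                                            key_label, key_label_len);
    if (status != PSA_SUCCESS) {
        goto err_abort;
    }

    status = psa_key_derivation_output_key(key_attr, &op, out_key_id);
    if (status != PSA_SUCCESS) {
        goto err_abort;
    }

    /* Free resources associated with the key derivation operation */
    status = psa_key_derivation_abort(&op);
    if (status != PSA_SUCCESS) {
        /* Do not hand back a key whose derivation did not finish cleanly */
        (void)psa_destroy_key(*out_key_id);
        *out_key_id = PSA_KEY_ID_NULL;
    }
    return status;

err_abort:
    (void)psa_key_derivation_abort(&op);
    *out_key_id = PSA_KEY_ID_NULL;
    return status;
}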
87
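/*
 * Derive the attestation CDI of layer_ctx from the attestation CDI of its
 * parent layer.
 *
 * The parent's CDI key (parent_layer_ctx->data.cdi_key_id) is the HKDF
 * secret, layer_ctx->attest_cdi_hash_input is the salt, and the label
 * depends on layer_ctx->is_cdi_to_be_exported, so a CDI that is going to
 * leave the device can never equal one that stays inside. The new key id is
 * written to layer_ctx->data.cdi_key_id; a key already referenced there is
 * destroyed first (see perform_derivation()).
 *
 * Returns PSA_SUCCESS or the error reported by the derivation.
 */
psa_status_t derive_attestation_cdi(struct layer_context_t *layer_ctx,
                                    const struct layer_context_t *parent_layer_ctx)
{
    psa_key_attributes_t derive_key_attr = PSA_KEY_ATTRIBUTES_INIT;
    const uint8_t *label;
    size_t label_len;

    /* Set key attributes for CDI key */
    psa_set_key_type(&derive_key_attr, DPE_CDI_KEY_TYPE);
    psa_set_key_algorithm(&derive_key_attr, DPE_CDI_KEY_ALG);
    psa_set_key_bits(&derive_key_attr, DPE_CDI_KEY_BITS);
    psa_set_key_usage_flags(&derive_key_attr, DPE_CDI_KEY_USAGE);

    /* Only the label differs between the exported and the on-device case.
     * sizeof() covers the whole label array, as in the other derivations
     * in this file. */
    if (layer_ctx->is_cdi_to_be_exported) {
        label = (const uint8_t *)&exported_attest_cdi_label[0];
        label_len = sizeof(exported_attest_cdi_label);
    } else {
        label = (const uint8_t *)&attest_cdi_label[0];
        label_len = sizeof(attest_cdi_label);
    }

    /* Parent layer CDI is the base key (input secret to key derivation) */
    return perform_derivation(parent_layer_ctx->data.cdi_key_id,
                              &derive_key_attr,
                              label,
                              label_len,
                              layer_ctx->attest_cdi_hash_input,
                              sizeof(layer_ctx->attest_cdi_hash_input),
                              &layer_ctx->data.cdi_key_id);
}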
121
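/*
 * Derive the attestation key pair of a layer from its attestation CDI and
 * store the public part in the layer context.
 *
 * The layer's CDI (layer_ctx->data.cdi_key_id) is the HKDF secret and
 * attest_key_salt the salt. The info input is the caller-supplied
 * layer_ctx->data.external_key_deriv_label when its length is non-zero,
 * otherwise the built-in default label. The new key id is stored in
 * layer_ctx->data.attest_key_id (a key already there is destroyed first,
 * see perform_derivation()) and its public key is exported into
 * layer_ctx->data.attest_pub_key / attest_pub_key_len.
 *
 * Returns PSA_SUCCESS, or the first error from the derivation or from the
 * public key export. If the export fails the derived key stays referenced
 * by layer_ctx->data.attest_key_id.
 */
psa_status_t derive_attestation_key(struct layer_context_t *layer_ctx)
{
    psa_status_t status;
    psa_key_attributes_t attest_key_attr = PSA_KEY_ATTRIBUTES_INIT;
    const uint8_t *label;
    size_t label_len;

    /* Set key attributes for Attest key pair derivation */
    psa_set_key_type(&attest_key_attr, DPE_ATTEST_KEY_TYPE);
    psa_set_key_algorithm(&attest_key_attr, DPE_ATTEST_KEY_ALG);
    psa_set_key_bits(&attest_key_attr, DPE_ATTEST_KEY_BITS);
    psa_set_key_usage_flags(&attest_key_attr, DPE_ATTEST_KEY_USAGE);

    if (layer_ctx->data.external_key_deriv_label_len > 0) {
        /* Use the external label provided for key derivation.
         * NOTE(review): the length is trusted here; it is assumed to have
         * been bounds-checked against the label array when it was stored -
         * confirm against the code that fills layer_ctx->data. */
        label = (const uint8_t *)&layer_ctx->data.external_key_deriv_label[0];
        label_len = layer_ctx->data.external_key_deriv_label_len;
    } else {
        /* Use the default label for key derivation */
        label = (const uint8_t *)&default_attest_key_deriv_label[0];
        label_len = sizeof(default_attest_key_deriv_label);
    }

    /* Perform key pair derivation */
    status = perform_derivation(layer_ctx->data.cdi_key_id,
                                &attest_key_attr,
                                label,
                                label_len,
                                attest_key_salt,
                                sizeof(attest_key_salt),
                                &layer_ctx->data.attest_key_id);
    if (status != PSA_SUCCESS) {
        return status;
    }

    return psa_export_public_key(layer_ctx->data.attest_key_id,
                                 &layer_ctx->data.attest_pub_key[0],
                                 sizeof(layer_ctx->data.attest_pub_key),
                                 &layer_ctx->data.attest_pub_key_len);
}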
164
/*
 * Import raw CDI bytes as the layer's CDI key.
 *
 * cdi_input / cdi_input_size  The CDI value to wrap in a PSA key object.
 * The key is created with the same DPE_CDI_KEY_* attributes as the derived
 * CDIs, so it can serve as the base key of later derivations, and its id is
 * stored in layer_ctx->data.cdi_key_id.
 *
 * NOTE(review): unlike perform_derivation(), a key already referenced by
 * layer_ctx->data.cdi_key_id is not destroyed here; presumably this is only
 * called on a freshly initialised context - confirm against the caller.
 *
 * Returns the status of psa_import_key().
 */
psa_status_t create_layer_cdi_key(struct layer_context_t *layer_ctx,
                                  const uint8_t *cdi_input,
                                  size_t cdi_input_size)
{
    psa_key_attributes_t cdi_attr = PSA_KEY_ATTRIBUTES_INIT;

    /* Same attribute set as the derived CDI keys */
    psa_set_key_usage_flags(&cdi_attr, DPE_CDI_KEY_USAGE);
    psa_set_key_bits(&cdi_attr, DPE_CDI_KEY_BITS);
    psa_set_key_algorithm(&cdi_attr, DPE_CDI_KEY_ALG);
    psa_set_key_type(&cdi_attr, DPE_CDI_KEY_TYPE);

    return psa_import_key(&cdi_attr, cdi_input, cdi_input_size,
                          &layer_ctx->data.cdi_key_id);
}
182
/*
 * Derive the sealing CDI of a layer.
 *
 * Not implemented yet: nothing is derived and PSA_SUCCESS is returned, so a
 * caller cannot tell this stub from a real derivation. get_layer_cdi_value()
 * accordingly hands out an all-zero sealing CDI.
 */
psa_status_t derive_sealing_cdi(struct layer_context_t *layer_ctx)
{
    //TODO:
    (void)layer_ctx;
    return PSA_SUCCESS;
}
189
/*
 * Derive the wrapping key of a layer.
 *
 * Not implemented yet: nothing is derived and PSA_SUCCESS is returned, so a
 * caller cannot tell this stub from a real derivation.
 */
psa_status_t derive_wrapping_key(struct layer_context_t *layer_ctx)
{
    //TODO:
    (void)layer_ctx;
    return PSA_SUCCESS;
}
196
/*
 * Derive the layer's ID (layer_ctx->data.cdi_id) from its attestation
 * public key.
 *
 * The public key bytes in layer_ctx->data.attest_pub_key are wrapped in a
 * temporary PSA_KEY_TYPE_DERIVE key so they can act as the HKDF secret
 * input; id_label is the info and id_salt the salt. The derived
 * DICE_ID_SIZE-byte raw key is exported into layer_ctx->data.cdi_id. Both
 * temporary keys are destroyed before returning on every path after their
 * creation.
 *
 * Returns PSA_SUCCESS or the first PSA error encountered.
 */
psa_status_t derive_id_from_public_key(struct layer_context_t *layer_ctx)
{
    psa_status_t status;
    psa_key_attributes_t pub_key_attr = PSA_KEY_ATTRIBUTES_INIT;
    psa_key_attributes_t id_key_attr = PSA_KEY_ATTRIBUTES_INIT;
    psa_key_id_t pub_key_id = PSA_KEY_ID_NULL;
    psa_key_id_t id_key_id = PSA_KEY_ID_NULL;
    size_t exported_len;

    /* Attributes of the exportable raw ID produced by the derivation */
    psa_set_key_type(&id_key_attr, PSA_KEY_TYPE_RAW_DATA);
    psa_set_key_algorithm(&id_key_attr, PSA_ALG_HKDF(PSA_ALG_SHA_256));
    psa_set_key_bits(&id_key_attr, PSA_BYTES_TO_BITS(DICE_ID_SIZE));
    psa_set_key_usage_flags(&id_key_attr, PSA_KEY_USAGE_EXPORT);

    /* The public key can only feed perform_derivation() as a key object */
    psa_set_key_type(&pub_key_attr, PSA_KEY_TYPE_DERIVE);
    psa_set_key_algorithm(&pub_key_attr, PSA_ALG_HKDF(PSA_ALG_SHA_256));
    psa_set_key_bits(&pub_key_attr,
                     PSA_BYTES_TO_BITS(layer_ctx->data.attest_pub_key_len));
    psa_set_key_usage_flags(&pub_key_attr, PSA_KEY_USAGE_DERIVE);

    status = psa_import_key(&pub_key_attr,
                            &layer_ctx->data.attest_pub_key[0],
                            layer_ctx->data.attest_pub_key_len,
                            &pub_key_id);
    if (status != PSA_SUCCESS) {
        return status;
    }

    status = perform_derivation(pub_key_id,
                                &id_key_attr,
                                (const uint8_t *)&id_label[0],
                                sizeof(id_label),
                                id_salt,
                                sizeof(id_salt),
                                &id_key_id);
    if (status == PSA_SUCCESS) {
        /* NOTE(review): exported_len is not compared with
         * sizeof(layer_ctx->data.cdi_id); this relies on DICE_ID_SIZE
         * matching the cdi_id array - confirm in dpe_context_mngr.h. */
        status = psa_export_key(id_key_id,
                                &layer_ctx->data.cdi_id[0],
                                sizeof(layer_ctx->data.cdi_id),
                                &exported_len);
        (void)psa_destroy_key(id_key_id);
    }

    (void)psa_destroy_key(pub_key_id);

    return status;
}
Jamie Fox93225232023-09-22 14:09:30 +0100250
/*
 * Derive a CDI ID of cdi_id_size bytes from the public part of attest_key_id.
 *
 * Unlike derive_id_from_public_key(), the exported public key is fed to
 * HKDF-SHA256 directly as raw secret bytes (no temporary key object), with
 * id_salt as the salt and the whole id_label array as the info input. The
 * derivation operation is aborted on every path once it has been set up.
 *
 * Returns PSA_SUCCESS, or the first PSA error encountered; on the success
 * path the status of the final psa_key_derivation_abort() is returned.
 */
psa_status_t derive_cdi_id(psa_key_id_t attest_key_id, uint8_t *cdi_id,
                           size_t cdi_id_size)
{
    psa_status_t status;
    psa_key_derivation_operation_t hkdf = PSA_KEY_DERIVATION_OPERATION_INIT;
    uint8_t pub_key[DPE_ATTEST_PUB_KEY_SIZE];
    size_t pub_key_len;

    status = psa_export_public_key(attest_key_id, pub_key, sizeof(pub_key),
                                   &pub_key_len);
    if (status != PSA_SUCCESS) {
        return status;
    }

    status = psa_key_derivation_setup(&hkdf, PSA_ALG_HKDF(PSA_ALG_SHA_256));
    if (status != PSA_SUCCESS) {
        return status;
    }

    /* Each input step runs only if the previous one succeeded */
    status = psa_key_derivation_input_bytes(&hkdf,
                                            PSA_KEY_DERIVATION_INPUT_SALT,
                                            id_salt, sizeof(id_salt));
    if (status == PSA_SUCCESS) {
        status = psa_key_derivation_input_bytes(&hkdf,
                                                PSA_KEY_DERIVATION_INPUT_SECRET,
                                                pub_key, pub_key_len);
    }
    if (status == PSA_SUCCESS) {
        status = psa_key_derivation_input_bytes(&hkdf,
                                                PSA_KEY_DERIVATION_INPUT_INFO,
                                                (const uint8_t *)id_label,
                                                sizeof(id_label));
    }
    if (status == PSA_SUCCESS) {
        status = psa_key_derivation_output_bytes(&hkdf, cdi_id, cdi_id_size);
    }

    if (status != PSA_SUCCESS) {
        (void)psa_key_derivation_abort(&hkdf);
        return status;
    }

    return psa_key_derivation_abort(&hkdf);
}
Maulik Patel9fd8bd22023-10-30 10:58:30 +0000301
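/*
 * Copy the layer's CDI values into caller-provided buffers.
 *
 * cdi_attest_buf receives the attestation CDI exported from
 * layer_ctx->data.cdi_key_id. cdi_seal_buf is filled with zeros: the
 * sealing CDI is not derived yet (see derive_sealing_cdi()).
 *
 * Returns PSA_SUCCESS, the error from psa_export_key(), or
 * PSA_ERROR_GENERIC_ERROR when the exported key is not DICE_CDI_SIZE bytes.
 * On any failure cdi_attest_buf does not hold a usable CDI.
 */
psa_status_t get_layer_cdi_value(const struct layer_context_t *layer_ctx,
                                 uint8_t cdi_attest_buf[DICE_CDI_SIZE],
                                 uint8_t cdi_seal_buf[DICE_CDI_SIZE])
{
    psa_status_t status;
    size_t cdi_attest_actual_size = 0;

    //TODO: Sealing CDI to be added later
    memset(cdi_seal_buf, 0, DICE_CDI_SIZE); /* Return hard-coded data */

    /* Query the attest CDI */
    status = psa_export_key(layer_ctx->data.cdi_key_id,
                            cdi_attest_buf,
                            DICE_CDI_SIZE,
                            &cdi_attest_actual_size);
    if (status != PSA_SUCCESS) {
        /* The output length is only meaningful after a successful export */
        return status;
    }

    /* A CDI key is expected to be exactly DICE_CDI_SIZE bytes */
    assert(cdi_attest_actual_size == DICE_CDI_SIZE);
    if (cdi_attest_actual_size != DICE_CDI_SIZE) {
        /* Release builds: never hand back a partially filled CDI buffer */
        memset(cdi_attest_buf, 0, DICE_CDI_SIZE);
        return PSA_ERROR_GENERIC_ERROR;
    }

    return status;
}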